On 7/16/11 3:48 AM, Tim Hutt wrote:> Hi,
>
> I just tried to register for the wine forum, and noticed several
> really annoying things about the process:
>
> 1. The "Register" link is kind of hard to find. Normally it is
just
> next to the "Forgot password" link.
> 2. No SSL.
Why would you worry about this? The forum is PUBLIC and your input is
sent to a mailing list. Your email address is
stripped/hidden.> 3. You emailed me my password! Argh! This is a terrible idea for
> obvious reasons, and also implies:
Again, why? I belong to several mailing lists that routinely mail me my
password. I'm not worried that folks are going to log on using my
information. If you notice the spammer messages, they do so as
themselves.> 4. Passwords aren't stored hashed. Seriously. Look up lulzsec.
I think that Lulzsec has much more important targets to look at than the
Wine Mailing List. Things like the Department of Public Safety for the
State of Arizona in the United States are much more fun and get you
notice. And that is what groups like this want. Hacking the Wine
Mailing List is way down on their list of targets.> 5. I deleted the email that contained my password out of disgust,
> forgetting that I need to activate the account. There's no way to
> resend the activation email so now I cannot register.
>
Sure you can. I'll delete your initial stuff and you can try again, if
you desire to.
> Thankfully wine is much better than the steaming pile of dung that is
phpbb!
PHPBB is used by many mailing lists. It is almost the 'golden standard'
of mailing lists.
BTW, I work in systems security....
James